7d3f2d22c670a6ba3c28dd0bf6e0e357

General

Target

7d3f2d22c670a6ba3c28dd0bf6e0e357
Size

1.1MB
MD5

7d3f2d22c670a6ba3c28dd0bf6e0e357
SHA1

2b7f05abe59da3660947ee37ee6c44a68e34b0d6
SHA256

c61d695bfbeff7422f0c3f14bf6adda64f3d864e2a545fa9d0708aa9894e4611
SHA512

ce04158a2c05cd177b885aa8fb115019e92c2e377eb5432f725a3c163294f6206e3a513b42f1cb4d1d63f3f98536894228d5ecf7a88a820be26220c365543c26
SSDEEP

24576:D0bV3KnsPMcZ2XIMLwFUPGL4m03wxoYRTo9n1ksj9Khc:+VpqzmVoYFssc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d3f2d22c670a6ba3c28dd0bf6e0e357

Files

7d3f2d22c670a6ba3c28dd0bf6e0e357
.exe windows:8 windows x86 arch:x86

6a95c754f70002dfeb6d37d00e1c6d42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynA
CreateFileA
UnmapViewOfFile
ReadFile
CreateFileMappingA
ConnectNamedPipe
ReadFileEx
FileTimeToDosDateTime
CloseHandle
CreateNamedPipeA
ExitProcess
MapViewOfFile
HeapLock
HeapFree
TryEnterCriticalSection
IsBadStringPtrA
GetCurrentProcessId
InitializeCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
WaitNamedPipeA
GetFileTime
CompareStringA
SetFilePointer
GetCurrentThreadId
HeapAlloc

odbc32

SQLPutData
SQLNativeSql
SQLExecute
SQLSetConnectOptionA
SQLSetScrollOptions
SQLForeignKeys
SQLSetDescField
SQLTablePrivileges
SQLGetTypeInfoA
SQLTables
SQLGetStmtOption
SQLDescribeCol
SQLConnect
SQLGetDiagField
SQLNumResultCols
SQLGetInfoA
SQLGetConnectOption
SQLSetDescRec
SQLDriverConnectA
LockHandle
SQLBindParameter
SQLBindParam

adsldpc

BuildADsParentPathFromObjectInfo
AllocADsStr
ADsDeleteAttributeDefinition
FreeADsMem
ADsDeleteClassDefinition
GetDomainDNSNameForDomain
AdsTypeToLdapTypeCopyConstruct
ADsFreeColumn
ADsGetNextRow
ADSIDeleteDSObject
ADsEnumClasses
BuildADsPathFromParent
IsGCNamespace
BuildLDAPPathFromADsPath
ADsGetObjectAttributes
ADsAbandonSearch
ConvertSidToU2Trustee
ConvertSidToString
ADSIExecuteSearch

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 787KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a95c754f70002dfeb6d37d00e1c6d42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbc32

adsldpc

Sections

.text Size: 192KB - Virtual size: 192KB

.data Size: 141KB - Virtual size: 140KB

.rsrc Size: 787KB - Virtual size: 3.9MB

.text
Size: 192KB - Virtual size: 192KB

.data
Size: 141KB - Virtual size: 140KB

.rsrc
Size: 787KB - Virtual size: 3.9MB